Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Interrupting Promps to Pre-Configure Firewall

Hey all,

When you wr erase and reload an ASA, you are greeted with the following when the reboot is finished:

Pre-configure Firewall now through interactive prompts [yes]?

Firewall Mode [Routed]:

Enable password []:

Allow password recovery [yes]?

Clock (UTC):

  Year [2011]:

  Month [Jul]:

  Day [11]:

  Time [03:35:43]:

Inside IP address:

Address required

Inside IP address: 192.168.2.1

Inside network mask:

Mask required

Inside network mask: 255.255.255.0

Host name:

Name required

Host name: ciscoasa

Domain name:

Name required

Domain name: gomjabbar.com

IP address of host running Device Manager:

The following configuration will be used:

Enable password:

Allow password recovery: yes

Clock (UTC): 03:35:43 Jul 11 2011

Firewall Mode: Routed

Inside IP address: 192.168.2.1

Inside network mask: 255.255.255.0

Host name: ciscoasa

Domain name: gomjabbar.com

Use this configuration and write to flash?

My question to the group is more out of convenience.  Is there a way to interrupt this line of questioning and return to the to the ciscoasa> prompt?

The reason I need to know is I have an ASA training lab that calls for many wr erase/reload commands.  But when returning to the console after the reload, often the first key people press is enter which picks the default of yes, choosing to enter the pre-configuration interactive prompts.  I haven't found a way to easily cancel/exit from the prompts, so I figured I would bring this to the forum. 

Is there a way to exit out of these interactive prompts?  Or is there a way to prevent this from even being an option after reboot?. 

Any help would be appreciated.  Thank you.

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: Interrupting Promps to Pre-Configure Firewall

I think you are looking for Ctrl-z  (Control and the Z keys)

5 REPLIES
Hall of Fame Super Silver

Interrupting Promps to Pre-Configure Firewall

I might suggest that instead of write erase + reload that you add an intermediate step of "copy url startup-config" with the url being a basic configuration that sets up the basic script that would otherwise result from the steps above.

I'm not positive but you might also be able to use "configure factory-default" plus a reload.

New Member

Re: Interrupting Promps to Pre-Configure Firewall

I'm afraid configure factory-default wouldn't work.  Although I appreciate the suggestion.  Here is what I found:

ciscoasa(config)#   enable password CHANGEME

ciscoasa(config)#   passwd CHANGEME

ciscoasa(config)#  show run enable

enable password 5Db5cau6UDXqmaqY encrypted

ciscoasa(config)# show run passwd

passwd 5Db5cau6UDXqmaqY encrypted

ciscoasa(config)# write erase

Erase configuration in flash memory? [confirm]

[OK]

ciscoasa(config)# reload noconfirm

[--- Reload Text Removed --]

ciscoasa> en

Password:

ciscoasa#  show run enable

enable password 8Ry2YjIyt7RRXU24 encrypted

ciscoasa#  show run passwd

passwd 2KFQnbNIdI.2KYOU encrypted

Results:  write erase/reload will reset all passwords  --  This is the behavior I am trying to match.  However, two additional methods below didn't prove the same luck.

ciscoasa(config)# enable password CHANGEME

ciscoasa(config)# passwd CHANGEME

ciscoasa(config)#

ciscoasa(config)# show run enable

enable password 5Db5cau6UDXqmaqY encrypted

ciscoasa(config)# show run passwd

passwd 5Db5cau6UDXqmaqY encrypted

ciscoasa(config)#

ciscoasa(config)#

ciscoasa(config)# clear configure all

ciscoasa(config)#

ciscoasa(config)# show run enable

enable password 5Db5cau6UDXqmaqY encrypted

ciscoasa(config)# show run passwd

passwd 2KFQnbNIdI.2KYOU encrypted

ciscoasa(config)#

Results:  clear configure all resets the passwd, but not the enable password

ciscoasa(config)# enable password CHANGEME

ciscoasa(config)# passwd CHANGEME

ciscoasa(config)# show run enable

enable password 5Db5cau6UDXqmaqY encrypted

ciscoasa(config)# show run passwd

passwd 5Db5cau6UDXqmaqY encrypted

ciscoasa(config)#

ciscoasa(config)#

ciscoasa(config)# configure factory-default

[--- Factory-Default Text Removed --]

Factory-default configuration is completed

ciscoasa(config)#

ciscoasa(config)# show run enable

enable password 5Db5cau6UDXqmaqY encrypted

ciscoasa(config)# show run passwd

passwd 2KFQnbNIdI.2KYOU encrypted

ciscoasa(config)#

Results:  configure factory-default resets the passwd, but not the enable password

I don't know of another "reset all" method that can be done from the configuration itself, but testing these three it seems only the write erase/reload method will do what I need.  But that has the annoying side effect of the interactive prompts when the reload is finished.

Does anyone know of a method to interrupt those prompts?  Maybe even a configuration register to bypass the interactive prompts?  Anything at all?  Any help would be greatly appreciated.

Thanks.

-Eddie

New Member

Re: Interrupting Promps to Pre-Configure Firewall

Just documenting this here since I was playing with it.  The default passwords for the enable and passwd:

ciscoasa# show run passwd

passwd 2KFQnbNIdI.2KYOU encrypted

ciscoasa# show run enable

enable password 8Ry2YjIyt7RRXU24 encrypted

ciscoasa# conf t

ciscoasa(config)# enable password cisco

ciscoasa(config)#  show run enable

enable password 2KFQnbNIdI.2KYOU encrypted

ciscoasa(config)# exit

So in the end, the following passwords correspond to the following hashs:

2KFQnbNIdI.2KYOU cisco

8Ry2YjIyt7RRXU24

And the default username is..... pix.

Anyways, still looking for a solution.  Just thought this might be helpful if anyone ends up finding this post on a search engine or something.

New Member

Re: Interrupting Promps to Pre-Configure Firewall

I think you are looking for Ctrl-z  (Control and the Z keys)

New Member

Interrupting Promps to Pre-Configure Firewall

That did the trick.  Thanks matt.goff. I'm a bit emabarssed that I didn't try that combination myself.

Thanks again.

-Eddie

2871
Views
0
Helpful
5
Replies
CreatePlease login to create content